Take a look at your keyring... 


Outline 


How locks & keys work 

Intro to the tools I'm releasing 

Brute forcing all possible keys 
Reading the pins in a lock 
Impressioning with extra information 
Keyed alike systems & lock disassembly in nonmastered systems 
Information theory and entropy 

How master keying works 

Deriving a master key from multiple low-level keys 

Rights amplification in mastered systems 

Special cases: construction keying, IC cores, Medeco, Mul-T-Lock 
Remediation 


Software Analysis Tools 


Try it yourself! 


https://ggrsecurity.com/personal/~bgraydon/keyspace 


https://tinyurl.com/key-space 


Source: 


https://github.com/bgraydon/lockview 
https://github.com/bgraydon/keyspace 


How Locks Work 
What is a key? 


Mechanically encoded information. 


Background | Key Codes 

Background | Key Codes | Bitting 

MACS = Maximum Adjacent Cut Specification 

X No good - too steep 


Key Type MACS 


In theory - 

Number of depths to the power of the number of spaces 
E.g. - 

Schlage - 10 depths, to the power of 5 or 6 spaces - 
10^5 = 100,000 or 10^6 = 1,000,000 possible combinations 

Medeco - 6 depths, to the power of 5 or 6 spaces - 
6^5 = 7,776 or 6^6 = 46,656 combinations 

There are further limitations imposed by physical constraints (MACS, tolerances, 
cuts that are avoided in practice), so the usable keyspace is smaller! 
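The effect of MACS on the theoretical keyspace, as an added example (this is not code from the keyspace or lockview tools the talk releases). It takes the slide's Schlage-style parameters (10 depths, 5 or 6 spaces) and the MACS of 7 shown on the Sargent chart later in the deck; any other MACS value passed in is a constructed input.

```python
"""Theoretical vs. MACS-constrained keyspace for a pin-tumbler key.
Added example, not the talk's tools. Parameters assumed from the slides:
10 depths, 5 or 6 spaces, MACS 7."""
from itertools import product
from math import log2


def theoretical_keyspace(depths: int, spaces: int) -> int:
    """Every depth in every space: depths ** spaces."""
    return depths ** spaces


def respects_macs(bitting, macs: int) -> bool:
    """MACS: adjacent cuts may differ by at most `macs` depth steps, otherwise
    the ramp between them is too steep to cut and to ride a pin over."""
    return all(abs(a - b) <= macs for a, b in zip(bitting, bitting[1:]))


def macs_keyspace(depths: int, spaces: int, macs: int):
    """Enumerate every bitting and keep the cuttable ones.
    Fine up to ~10^6 codes; use count_macs_keyspace() beyond that."""
    return [b for b in product(range(depths), repeat=spaces)
            if respects_macs(b, macs)]


def count_macs_keyspace(depths: int, spaces: int, macs: int) -> int:
    """Same count by dynamic programming over the allowed adjacent-cut
    transitions, so it also works for systems too large to enumerate."""
    ways = [1] * depths  # number of 1-space bittings ending in each depth
    for _ in range(spaces - 1):
        ways = [sum(w for d, w in enumerate(ways) if abs(d - last) <= macs)
                for last in range(depths)]
    return sum(ways)


def bits(n: int) -> float:
    """Entropy of n equiprobable codes, in bits."""
    return log2(n)


if __name__ == "__main__":
    for spaces in (5, 6):
        total = theoretical_keyspace(10, spaces)
        usable = count_macs_keyspace(10, spaces, 7)
        print(f"10 depths x {spaces} spaces: {total:,} codes in theory, "
              f"{usable:,} within MACS 7 "
              f"({bits(total):.2f} -> {bits(usable):.2f} bits)")
```

For 10 depths and 5 spaces, MACS 7 removes about a fifth of the 100,000 theoretical codes; the two functions agree, so the brute-force enumerator doubles as a check on the DP.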


Keys vs. Passwords 

Trait                        | Password          | Key 
Cost to try one              | $0.00000000001    | $0.30-$10.00 
Detectability of brute force | Challenging       | 
Length                       | Unlimited         | Severely limited 
Complexity                   | Unlimited         | Limited 
Ease of changing             | Easy              | Expensive and time-consuming 
Privilege levels             | Unlimited schemes | Limited to hierarchical schemes 


The Economics of Brute-Force Attacks 


Brute force = trying all possible keys 

If we have n key codes to try, we need at most n blanks, possibly fewer 

Blanks cost between $0.13 and $3.00 - the common ones are cheap 
If you have access to a code cutting machine, the marginal cost of a new key 
cut is the blank plus your time 

If you do not, locksmiths will cut keys to code for $3.00-$10.00 each 

E.g. - if you can reduce the keyspace of a given lock to 1000 possible keys, the 
cost might be $450 (you own a code machine, blanks are $0.45 each) or $4000 
(you need to use a locksmith, cost per cut key is $4.00) 
Try-Out Key Set for "Smart" Type Locks that use the KW1 Key - 256 Set 

Your Price: $394.90 

This tryout set has 256 keys in it; expect to have 98% success with all "smart key" type locks that use the KW1 
Lock Tolerances 
GM Try Out Key Set 

Part Number: GMPK 
Your Price: $85.95 

GM Try Out Key Set - 62 key set 

Try out keys are used in many cases as a first try. The success rate with this set is about 80% (for GM's from 1967 - 1987 
models). Set works on doors, trunks, and ignition for all single sided keyways A-K. 
Decoding Locks 

SARGENT 

Depth of Cut | Bitting No. 
.330         | 1 
.310         | 2 
.290         | 3 
.270         | 4 
.250         | 5 
.230         | 6 
.210         | 7 
.190         | 8 
.170         | 9 
.150         | 0 

EPD = .498   TFC = .216   BCC = .156   MACS = 7 
* INVERT .219 BOTTOM PIN USE AS TOP PIN 
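Decoding a key from measured depths against the Sargent chart above, as an added example (not code from the talk's tools). It keeps every bitting number a sloppy measurement could correspond to, which is what turns a 100,000-key theoretical space into the handful of try-out keys the economics slide priced. The depth table is the chart's; the tolerance band and the sample reading are constructed.

```python
"""Measured cut depths (from a photographed key, an impressioned blank, or
pins read out of a disassembled lock) -> Sargent bitting numbers.
Added example, not the talk's tools. Depth table from the Sargent chart;
tolerance band and sample reading are constructed."""
from itertools import product

# Sargent depth of cut (thousandths of an inch) -> bitting number, per chart.
SARGENT_DEPTHS_MILS = {330: 1, 310: 2, 290: 3, 270: 4, 250: 5,
                       230: 6, 210: 7, 190: 8, 170: 9, 150: 0}


def decode_cut(measured_mils, table=SARGENT_DEPTHS_MILS, tol_mils=12):
    """Bitting numbers whose nominal depth lies within tol of the reading.
    Sargent steps are 20 mils, so a +/-12 mil band gives one number for a
    clean reading and two neighbours when the reading sits near a midpoint."""
    hits = [num for depth, num in table.items()
            if abs(depth - measured_mils) <= tol_mils]
    if not hits:  # outside every band (bad read): fall back to nearest depth
        nearest = min(table, key=lambda depth: abs(depth - measured_mils))
        hits = [table[nearest]]
    return sorted(hits)


def decode_key(measurements_mils, **kw):
    """One candidate list per space, shoulder to tip."""
    return [decode_cut(m, **kw) for m in measurements_mils]


def candidate_bittings(candidates):
    """Every bitting consistent with the reading: the reduced keyspace an
    attacker has to cut (filter by MACS to shrink it further)."""
    return [list(b) for b in product(*candidates)]


if __name__ == "__main__":
    # Constructed reading of a 5-space Sargent key; the second cut is ambiguous.
    reading = [331, 261, 249, 212, 151]
    cands = decode_key(reading)
    print(cands)                      # [[1], [4, 5], [5], [7], [0]]
    print(candidate_bittings(cands))  # 2 keys to cut instead of 100,000
```

Working in thousandths of an inch keeps the comparisons exact; the tolerance band is the knob to widen when the reading comes from a blurry photo rather than a caliper.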
Password Re-Use 

Is bad 

Key Re-Use 
Is called "keyed alike" and is a common and accepted arrangement 

In a keyed-alike system, the key space is 1! 
Keyed Alike - When Your Keyspace is 1 

- Elevators 
- Most alarms (e.g. Detex) 
- Enterphone systems 
- Most controller boxes 
- Golf carts 
- Heavy equipment 
- Police cars 
- Traffic light controllers 
- Telecom boxes 
- Almost all other utilities 
- New York City 
- HVAC / Building automation systems 
- Many cities' fire safety boxes 
- Many regional Knox boxes 
- Vending machines 
- Postal keys 
- Luggage - TSA keys 
- Handcuffs 

HOPE XI: Howard Payne & Deviant Ollam, This Key is Your Key, This Key is My Key 
Shannon Entropy 


Information = stuff we know. 


Entropy - stuff we don't know. 


We know whether a stop light is red or green. The colour of a stop light is information. 


We don't know the outcome of a random variable, such as a coin flip or a dice roll. A coin flip 
and or dice roll has entropy. A key or password has entropy. 
Measuring Entropy 

Once we do know the information, how many bits on a hard drive will it take to 
write it down (on average)? 

A coin flip - one bit 
A random number 0..255 - 8 bits 

A random number 1..10 - 3.32 bits 
3 random numbers 1..10 can be encoded in a single number 0..999 (10^3 values). 
We can use 10 bits to encode 0..1023, so 10 bits will encode 0..999. 
10 bits / 3 random numbers 1..10 = 3.33 bits per random number, just above the 3.32 needed 
Measuring Entropy 

Number of bits it takes to write down a number in 0..x-1 
- log2(x) 

Number of bits of entropy (H) for a random variable with n equiprobable outcomes: 
- H = log2(n) 
E.g.: 

A fair coin flip, 2 outcomes: log2(2) = 1 bit 
A random number 0..255: log2(256) = 8 bits 
A random number 1..10: log2(10) = 3.322 bits 


Key Entropy Examples 

Number of bits in a piece of information (e.g. key, password) - 

8-character password, one byte per character - 8*8 = 64 bits of entropy at most 
(less in practice: ASCII is 7-bit, and real passwords are far from uniformly random) 

3-digit passcode drawn from 10 digits - 10^3 = 1000 combinations or 9.97 bits 

EVVA MCS key, 4 rotors with 8 positions each - 8^4 = 4096 or 12.00 bits of entropy 
Schlage 5-pin system - 10^5 = 100,000 combinations (16.6 bits) 

If there are n possibilities, and all possibilities are equiprobable, then entropy (H) is given by: 
H = log2(n) 

If some possibilities are more likely than others, entropy goes down. E.g., dictionary-based 
passwords; avoidance of deep cut keys; key coding to deter picking 
Entropy: 2 Possibilities, Unequal Probability 

Master key decoded to 14767 or 94767... 

When 50/50 chance... 

H = -p1 log2(p1) - p2 log2(p2) 
H = -0.5 log2(0.5) - 0.5 log2(0.5) = -log2(0.5) = log2(2) = 1 bit. 

Are these equiprobable? If it's really 95/5... 
H = -0.95 log2(0.95) - 0.05 log2(0.05) = 0.286 bits 

In the extreme, if one option is certain, that's 0 bits! 

In general... H = -Σ_i p_i log2(p_i) 
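The entropy formulas on these slides, carried through in code as an added example (not code from the talk's tools). It reproduces the 50/50 and 95/5 decodes above and then applies the same formula to a whole key: chambers are treated as independent draws from one depth distribution, so entropy adds per space, and a distribution that under-uses the deep cuts (the "avoidance of deep cut keys" case) loses bits. The skewed weights are constructed.

```python
"""Shannon entropy for equiprobable and skewed outcomes.
Added example, not the talk's tools. The 95/5 master-key decode is the
slide's scenario; the deep-cut-avoiding weights are constructed."""
from math import log2


def entropy(weights):
    """H = -sum p_i log2(p_i). Weights are normalised first, so relative
    frequencies are fine; zero-weight outcomes contribute nothing."""
    total = sum(weights)
    return -sum((w / total) * log2(w / total) for w in weights if w > 0)


def uniform_entropy(n):
    """n equiprobable outcomes: log2(n), the ceiling for any distribution on n."""
    return log2(n)


def key_entropy(chamber_weights, spaces):
    """Each space is an independent draw from the same depth distribution,
    so the bits add up across spaces."""
    return spaces * entropy(chamber_weights)


if __name__ == "__main__":
    print(entropy([0.5, 0.5]))     # 1.0 bit: 14767 vs 94767 is a coin flip
    print(entropy([0.95, 0.05]))   # 0.286 bits: nearly certain it's 14767
    print(entropy([1.0, 0.0]))     # 0 bits: certain
    # 10-depth, 5-space system; depths 8 and 9 are cut a quarter as often
    uniform = [1] * 10
    shallow_biased = [1] * 8 + [0.25, 0.25]
    print(key_entropy(uniform, 5), key_entropy(shallow_biased, 5))
```

The skewed chamber costs about 0.12 bits per space here; across five spaces that is the difference between searching the full 100,000 codes and a search roughly 1.5x smaller, before MACS is even applied.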
Joint and Conditional Entropy, Mutual Information 

(slide diagram: H(1|2), 8.74 bits, "Codebook") 
Master Keying 

Codebook (example two-level system): 

TMK 00331 
  MKA 32331 
    A01 32301 
    A02 32302 
  MKB 12331 
    B01 12301 
    B02 12302 

Larger system: 

GGMK 
  A  B  C 
    AA1..AA5  AB1..AB5  AC1..AC5  BA1..BA5  BB1..BB5  CA1..CA5  CB1..CB5  CC1..CC5 
Master Keyed Lock Disassembly 


Deducing the Master from 
Multiple Change Keys 


Rights Amplification 
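The two attacks these slides name, as one added example (not code from the talk's tools): narrowing the top master key from several change keys, then confirming a candidate against the lock. The single-key fallback is the rights amplification procedure Matt Blaze published in 2003 (vary one chamber at a time on a known change key). Assumptions: a plain pin-tumbler system with 10 depths and MACS 7, 2-step progression (in a progressed chamber the master and change depths share parity), and that a chamber where every sampled change key agrees is unprogressed. The TMK, change keys and lock pinning are constructed.

```python
"""Deduce a TMK from several change keys, then confirm it against the lock.
Added example, not the talk's tools. Assumes 10 depths, MACS 7, 2-step
progression; the system below is constructed."""
from itertools import product

DEPTHS = range(10)
MACS = 7


class MasterKeyedLock:
    """Each chamber has a change depth and a master depth: the master wafer
    gives the stack a second shear line, so either depth lifts that chamber."""
    def __init__(self, change, master):
        self.shear = [{c, m} for c, m in zip(change, master)]

    def opens(self, key):
        return (len(key) == len(self.shear)
                and all(k in s for k, s in zip(key, self.shear)))


def respects_macs(key, macs=MACS):
    return all(abs(a - b) <= macs for a, b in zip(key, key[1:]))


def candidate_masters(change_keys, depths=DEPTHS):
    """Per chamber: if every change key agrees, assume it is not progressed
    and the master shares that depth. Otherwise (2-step progression) the
    master is a same-parity depth that no change key uses."""
    cands = []
    for chamber in zip(*change_keys):
        seen = set(chamber)
        if len(seen) == 1:
            cands.append(sorted(seen))
        else:
            parity = chamber[0] % 2
            cands.append([d for d in depths if d % 2 == parity and d not in seen])
    return cands


def candidate_tmks(change_keys):
    """Every cuttable TMK consistent with the change keys."""
    return [k for k in product(*candidate_masters(change_keys)) if respects_macs(k)]


def verify(lock, candidates):
    """Cut each candidate and try it; the survivors operate the lock."""
    return [k for k in candidates if lock.opens(k)]


def amplify(lock, change_key, depths=DEPTHS):
    """Blaze-style rights amplification with one change key: vary one chamber
    at a time, and the extra depth that opens the lock is the master depth
    there. Returns (master, number of test keys cut)."""
    master, tests = [], 0
    for i, c in enumerate(change_key):
        found = c
        for d in depths:
            if d == c:
                continue
            probe = tuple(change_key[:i]) + (d,) + tuple(change_key[i + 1:])
            if not respects_macs(probe):
                continue  # cannot be cut, so cannot be tested
            tests += 1
            if lock.opens(probe):
                found = d
                break
        master.append(found)
    return tuple(master), tests


# Constructed system: TMK (5,2,3,3,4); chambers 1 and 5 are progressed.
TMK = (5, 2, 3, 3, 4)
CHANGE_KEYS = [(3, 2, 3, 3, 2), (1, 2, 3, 3, 6), (7, 2, 3, 3, 0)]
LOCK = MasterKeyedLock(change=CHANGE_KEYS[0], master=TMK)

if __name__ == "__main__":
    cands = candidate_tmks(CHANGE_KEYS)
    print("candidate TMKs:", cands)                       # 4 keys to cut
    print("confirmed:", verify(LOCK, cands))              # [(5, 2, 3, 3, 4)]
    print("one-key amplification:", amplify(LOCK, CHANGE_KEYS[0]))  # 36 tests
```

Three change keys cut the work from 36 test keys to 4, which is the whole point of collecting low-level keys first. The caveat is the unprogressed-chamber assumption: if every sampled key happens to share a depth in a chamber that is actually progressed, the master is not in the candidate list, and verification against the lock comes back empty; fall back to amplification on that chamber.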


Construction Core Systems 


Interchangeable Core Systems 
159 Possible Medeco TMKs... 


Intelligence: large facility 


Intelligence: IC System 
Nonmastered Medeco Locks 


Physical Creation of Keys 

Getting a Key Cut 

1. Identify the blank 
2. Determine the bitting code you want 
3. Go to a locksmith (not a hardware store or 7-Eleven) 
4. Ask if they can cut you a key by code 
5. Give them the blank and code: e.g. "A Schlage SC1 with bitting code 0-4-2-8-5" 
6. If they say "that key is restricted, I can't cut you that"... check out our 
   DEF CON 27 talk on Duplicating Restricted Mechanical Keys or wait a 
   year for our (tentative) DEF CON 29 part II of that talk. 
Defenses 

- Avoid very large mastering systems 
- Don't master high-security and low-security facilities on one system 
  o Very high risk locations should be off-master (current requirement for USA nuclear arsenals) 
- A missing lock is as bad as a missing GMK! (its pin stacks can be read to recover the master pinning) 
- Consider alternatives to the 2-step system 
  o Other specific defenses, if this is in your threat model 
- Use a restricted keying system - it won't stop a determined attacker, but it can 
  slow them down and drive their costs up 
- Your facility should be secure even if an attacker has the GMK 
  o All a lock does is keep honest people honest. Add alarms, guards, etc. 
- Use IC or electronic components to make rekeying easier 
Master keys for O'Hare Airport security access were lost, costing city in "five figures" 

A set of keys that provides almost total access to O'Hare Airport were lost and never recovered. But 
there were rare consequences for the employee involved, a Sun-Times investigation found. 
By Robert Herguth | Jun 21, 2019, 5:00am CDT 

A set of keys like these belonging to the Chicago Department of Aviation and allowing high-level security access to 
O'Hare Airport were lost. | Photo illustration by Ashlee Rezin & Brian Ernst / Sun-Times 

Lost, stolen campus master keys too expensive to replace 

November 27, 2018 

The master keys at UCA have recently been brought into the light due to an investigation 
involving a lost key. 

The investigation began in June after a theft was reported in Assistant Director of Financial Aid for 
Scholarships Andrew Linn's office in McCastlain Hall, Jeff Pitchford, vice president of university 
and government relations, said. 

A thief reportedly broke in and stole four pills out of Linn's office. The key used was a grand 

Go try it! 
https://ggrsecurity.com/personal/~bgraydon/keyspace 

Or: https://tinyurl.com/key-space 

Questions? b.graydon@ggrsecurity.com 

Source: 
https://github.com/bgraydon/lockview 
https://github.com/bgraydon/keyspace 